We performed a comparison between Bridgecrew and Tenable Security Center based on real PeerSpot user reviews.
Find out what your peers are saying about Palo Alto Networks, Wiz, Microsoft and others in Cloud Workload Protection Platforms (CWPP)."The offensive security feature is valuable because it publicly detects the offensive and vulnerable things present in our domain or applications. It checks any applications with public access. Some of the applications give public access to certain files or are present over a particular domain. It detects and lets us know with evidence. That is quite good. It is protecting our infrastructure quite well."
"We like PingSafe's vulnerability assessment and management features, and its vulnerability databases."
"PingSafe can integrate all your cloud accounts and resources you create in the AWS account, We have set it up to scan the AWS transfer services, EC2, security groups, and GitHub."
"The offensive security where they do a fix is valuable. They go to a misconfiguration and provide detailed alerts on what could be there. They also provide a remediation feature where if we give the permission, they can also go and fix the issue."
"All the features we use are equal and get the job done."
"Atlas security graph is pretty cool. It maps out relationships between components on AWS, like load balancers and servers. This helps visualize potential attack paths and even suggests attack paths a malicious actor might take."
"It saves time, makes your environment more secure, and improves compliance. PingSafe helps with audits, ensuring that you are following best practices for cloud security. You don't need to be an expert to use it and improve your security."
"We noted immediate benefits from using the solution."
"New users don't have too many problems with the product. They have a lot of training documentation around it."
"In cases where they have automatic remediations, you can click a button and it'll just fix the configuration for you."
"I found the dashboard features very useful. It made it easy to track remediation progress. I could publish dashboards to remediation teams and track the progress on the dashboards."
"The tool gives us fewer false positives. Compared to its competitors, the solution’s reports are more accurate."
"Initial setup was pretty straightforward."
"Tenable's most valuable features are the credential scan, vulnerability reports, and vulnerability ratings (VPR)."
"Compliance and vulnerability scans are most valuable. Compliance scan helps in validating how our teams are complying, and vulnerability scan helps in future-proofing. Its vulnerability detection is accurate."
"Tenable also helps us to focus resources on the vulnerabilities that are most likely to be exploited. And since it is continuously updated, it allows us to reevaluate quickly if there are new vulnerabilities found..."
"Tenable.sc is user-friendly."
"This solution has a much lower rate of false positives compared to competing products."
"We recently adopted a new ticket management solution, so we've asked them to include a connector to integrate that tool with Cloud Native Security directly. We'd also like to see Cloud Native Security add a scan for personally identifying information. We're looking at other tools for this capability, but having that functionality built into Cloud Native Security would be nice. Monitoring PII data is critical to us as an organization."
"In addition to our telecom and Slack channels, it would be helpful to receive Cloud Native Security security notifications in Microsoft Teams."
"We use PingSafe and also SentinelOne. If PingSafe integrated some of the endpoint security features of SentinelOne, it would be the perfect one-stop solution for everything. We wouldn't need to switch between the products. At my organization, I am responsible for endpoint security and vulnerability management. Integrating both functions into one application would be ideal because I could see all the alerts, heat maps, and reports in one console."
"If I had to pick a complaint, it would be the way the hosts are listed in the tool. You have different columns separated by endpoint name, Cloud Account, and Cloud Instances ID. I wish there was something where we could change the endpoint name and not use just the IP address. We would like to have custom names or our own names for the instances. If I had a complaint, that would be it, but so far, it meets all the needs that we have."
"Currently, we would have to export our vulnerability report to an .xlsx file, and review it in an Excel spreadsheet, and then we sort of compile a list from there. It would be cool if there was a way to actually toggle multiple applications for review and then see those file paths on multiple users rather than only one user at a time or only one application at a time."
"Some of the navigation and some aspects of the portal may be a little bit confusing."
"When we get a new finding from PingSafe, I wish we could get an alert in the console, so we can work on it before we see it in the report. It would be very useful for the team that is actively working on the PingSafe platform, so we can close the issue the same day before it appears in the daily report."
"Whenever I view the processes and the process aspect, it takes a long time to load."
"The biggest issue that I see companies run into is that they immediately think that, "Oh, this solution will be right, simply due to the name." But that's the same issue Splunk runs into. People will immediately jump to Splunk being the best SIEM tool, just because they're the largest. When in reality, QRadar, LogRhythm, and all these other ones are performing similar functions and would actually fit better in some people's environments. Therefore, it's important a company does its homework and does not assume one size fits all."
"We'd like to see better monitoring and the ability to deny certain resources from being scanned."
"We are facing some challenges related to our channel."
"I think the vendor training provided for Tenable.sc could be a lower price. It's quite expensive for the training."
"The solution needs to improve its support. I would like to see a bird's eye view of my network architecture. I would also like to see the continuous view feature in the tool."
"The reporting side can be improved. The dashboards are nice, but exporting things out for reports for management was a little tough."
"For downloading reports, we have to go to the scan and then we have to go to the reports and download the Excel or CSV or PDF. I think these menus and clicks can be minimized."
"Though the solution's technical support is responsive, they do take a lot of time, making it one of the solution's shortcomings that needs improvement."
"The biggest issue I have with the solution is when I'm using the scanning it picks up the original DNS of that device. That means, before we image it and actually change the DNS to something within our company structure, it'll just be random numbers and letters and Tenable will stick to that DNS for a long time."
"The solution is expensive."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
Bridgecrew is ranked 21st in Cloud Workload Protection Platforms (CWPP) with 2 reviews while Tenable Security Center is ranked 1st in Risk-Based Vulnerability Management with 48 reviews. Bridgecrew is rated 8.0, while Tenable Security Center is rated 8.2. The top reviewer of Bridgecrew writes "Multi-cloud, good scanning, and offers extensive guides". On the other hand, the top reviewer of Tenable Security Center writes "A security solution for vulnerability assessment with automated scans". Bridgecrew is most compared with Prisma Cloud by Palo Alto Networks, whereas Tenable Security Center is most compared with Tenable Vulnerability Management, Qualys VMDR, Rapid7 InsightVM, Tenable Nessus and Horizon3.ai.
We monitor all Cloud Workload Protection Platforms (CWPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.